Hansblog Sometimes code, security, transit, other projects.

You need multiple SAML IDP signing keys

31 Mar 2020
Shared signing keys for SAML identity providers is a commonly-overlooked vulnerability that matters more in the real world than other SAML issues.

Cron Email is Dead, Long Live Cron Email

30 Jul 2019
Replacing SMTP email from servers with a simple logging tool.

Migrating from U2F to WebAuthn

12 Jun 2019
The process (and pitfalls) of upgrading a U2F-supporting website to WebAuthn, with demonstration code.

Changing hard-coded Chrome OS locale settings

21 Sep 2018
Modifying low-level Chrome OS settings so that I don't have to change the region settings from Canadian English to US English every time I log in.

Making an IoT Garage Door Opener

14 Nov 2017
Building a wifi-accessible garage door opener on an embedded Linux system out of spare parts.

I'd like Caltrain to publish raw train data

30 Aug 2014
An attempt at building a visualization of Caltrain train lateness, foiled by messy data and a hard-to-operate web scraper.